Category Archives: O23

What is Wireshark Antivirus, How to remove Wireshark Antivirus

Wireshark Antivirus is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Startup Type: BHO, Service
HijackThis Category: O2, O23
HijackThis Line:

O2 – BHO: ADC PlugIn – {149256D5-E103-4523-BB43-2CFB066839D6} – C:\Program Files\adc_w32.dll
O23 – Service: Adobe Update Service (AdbUpd) – Unknown owner – C:\Program Files\svchost.exe

Description: rogue antispyware program

How to remove: use these Wireshark Antivirus removal instructions.

What is winsts.sys, How to remove winsts.sys

winsts.sys is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: winsts
Filename: winsts.sys
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winsts

Command: c:\windows\system32\winsts.sys
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: winsts (winsts) – – C:\WINDOWS\system32\winsts.sys

DDS/Combofix/RSIT Line:

S3 winsts;winsts;c:\windows\system32\winsts.sys

Description: trojan

How to remove: use HijackThis + Kaspersky virus removal tool or ask for help in the Spyware removal forum.
How to remove: link

What is ansid.exe, How to remove ansid.exe

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: ansid
Filename: ansid.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mnmsrvcRDSessMgr

Command: c:\windows\SYSTEM32\ansid.exe
Startup Type: Service
HijackThis Category:
HijackThis Line:

O23 – Service: NetMeeting Remote Desktop Sharing mnmsrvcRDSessMgr (mnmsrvcRDSessMgr) – – C:\WINDOWS\system32\ansid.exe srv

DDS/Combofix/RSIT Line:

R2 mnmsrvcRDSessMgr;NetMeeting Remote Desktop Sharing mnmsrvcRDSessMgr;c:\windows\SYSTEM32\ansid.exe srv

Description: virus also known as W32.Virut.CF [Symantec], Virus.Win32.Virut.ce [Kaspersky Lab], W32/Virut.n.gen [McAfee], W32/Scribble-B [Sophos], Virus:Win32/Virut.BM [Microsoft]

How to remove: use Kaspersky virus removal tool

What is svchust.exe, How to remove svchust.exe

svchust.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: svchust
Filename: svchust.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Net_Login

Command: c:\windows\svchust.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: Net_Login (Net_Login) – Sigma Designs In – C:\WINDOWS\svchust.exe

DDS/Combofix/RSIT Line:

R2 Net_Login;Net_Login;c:\windows\svchust.exe

Description: trojan also known as W32.Pinfi [Symantec], Virus.Win32.Parite.b [Kaspersky Lab], W32/Pate.b [McAfee], PE_PARITE.A [Trend Micro], W32/Parite-B [Sophos], Virus:Win32/Parite.B [Microsoft]

How to remove: use HijackThis + Malwarebytes` Anti-malware + Kaspersky virus removal tool

What is FastNetSrv.exe, How to remove FastNetSrv.exe

FastNetSrv.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: FastNetSrv
Filename: FastNetSrv.exe
Command: c:\windows\SYSTEM32\FastNetSrv.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: fastnetsrv Service (fastnetsrv) – Sigma Designs In – C:\WINDOWS\system32\FastNetSrv.exe

Combofix/RSIT Line:

R2 fastnetsrv;fastnetsrv Service;c:\windows\SYSTEM32\FastNetSrv.exe [8/4/2004 6:00 AM 93696]

Description: trojan agent

How to remove: use Malwarebytes` Anti-malware or use SUPERAntiSpyware

QuickHealCleanerSvc.exe is component of QuickHealCleaner

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: QuickHealCleanerSvc
Filename: QuickHealCleanerSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\quickhealcleanersvc

Command: C:\Program Files\QuickHealCleaner Software\QuickHealCleaner\QuickHealCleanerSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: QuickHealCleaner Security Service (QuickHealCleanerSvc) – Unknown owner – C:\Program Files\QuickHealCleaner Software\QuickHealCleaner\QuickHealCleanerSvc.exe

Description: component of QuickHealCleaner (rogue antispyware software)

How to remove: use these QuickHealCleanerSvc.exe removal instructions.

SystemCopSvc.exe is a component of SystemCop

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemCopSvc
Filename: SystemCopSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SystemCopSvc

Command: C:\Program Files\SystemCop Software\SystemCop\SystemCopSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SystemCop Security Service (SystemCopSvc) – Unknown owner – C:\Program Files\SystemCop Software\SystemCop\SystemCopSvc.exe

Description: component of SystemCop (rogue antispyware program)

How to remove: use these SystemCop removal instructions.

svchasts.exe is a component of Windows Police Pro

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: svchasts
Filename: svchasts.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\antippro2009_100

Command: C:\WINDOWS\svchasts.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: AntipPro2009_100 (AntipyProex) – Unknown owner – C:\WINDOWS\svchasts.exe

Combofix/RSIT Line:

R2 AntipPro2009_100;AntipyProex; C:\WINDOWS\svchasts.exe [2009-08-31 163840]

Description: component of Windows Police Pro (rogue antispyware program)

How to remove: use these Windows Police Pro removal instructions.

BlockDefenseSvc.exe is component of BlockDefense

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: BlockDefenseSvc
Filename: BlockDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\blockdefensesvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\blockdefensesvc

Command: C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: BlockDefense Security Service (BlockDefenseSvc) – Unknown owner – C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe

Description: component of BlockDefense (rogue antispyware program)

How to remove: use these BlockDefense removal instructions.

SaveDefenseSvc.exe is component of SaveDefense

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveDefenseSvc
Filename: SaveDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaveDefenseSvc

Command: C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SaveDefense Security Service (SaveDefenseSvc) – Unknown owner – C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe

Description: component of SaveDefense (rogue antispyware program)

How to remove: use these SaveDefense removal instructions.